写点什么

用户注册密码保存与校验(golang 版)

用户头像
2流程序员
关注
发布于: 2020 年 08 月 26 日



package main
import (
	"crypto/sha1"
	"fmt"
	"net/http"
)
var db = map[string]map[string]string{}
func indexHandler(w http.ResponseWriter, r *http.Request) {
	usage := `
注册用户:
curl --location --request POST '127.0.0.1:8000/register' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'username=admin' \
--data-urlencode 'password=admin123'
用户登录:
curl --location --request POST '127.0.0.1:8000/login' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'username=admin' \
--data-urlencode 'password=admin123'
`
	fmt.Fprintf(w, usage)
}
func hashPasswd(passwd, salt string) string {
	sha := sha1.New()
	sha.Write([]byte(passwd))
	sha.Write([]byte(salt))
	return string(sha.Sum(nil))
}
func checkPW(username, passwd, passwdMac string) bool {
	if passwdMac == hashPasswd(passwd, username) {
		return true
	}
	return false
}
func saveUser(username string, passMac string) {
	u := map[string]string{}
	u["username"] = username
	u["pass_mac"] = passMac
	db[username] = u
}
func loginHanler(w http.ResponseWriter, r *http.Request) {
	if r.Method != "POST" {
		w.WriteHeader(http.StatusBadRequest)
		fmt.Fprint(w, http.StatusText(http.StatusBadRequest))
		return
	}
	// 参数校验
	username := r.PostFormValue("username")
	passwd := r.PostFormValue("password")
	if username == "" ||
		passwd == "" {
		w.WriteHeader(http.StatusBadRequest)
		fmt.Fprint(w, "参数错误")
		return
	}
	// 校验密码
	user, ok := db[username]
	if !ok {
		fmt.Fprint(w, "用户不存在")
		return
	}
	if checkPW(username, passwd, user["pass_mac"]) {
		fmt.Fprint(w, "login success")
		return
	}
	fmt.Fprint(w, "login fail")
}
func registerHandler(w http.ResponseWriter, r *http.Request) {
	if r.Method != "POST" {
		w.WriteHeader(http.StatusBadRequest)
		fmt.Fprint(w, http.StatusText(http.StatusBadRequest))
		return
	}
	// 参数校验
	username := r.PostFormValue("username")
	passwd := r.PostFormValue("password")
	if username == "" ||
		passwd == "" {
		w.WriteHeader(http.StatusBadRequest)
		fmt.Fprint(w, "参数错误")
		return
	}
	// 密码哈希
	passMac := hashPasswd(passwd, username)
	// 保存用户
	saveUser(username, passMac)
	fmt.Fprint(w, "ok")
}
func main() {
	http.HandleFunc("/", indexHandler)
	http.HandleFunc("/register", registerHandler)
	http.HandleFunc("/login", loginHanler)
	http.ListenAndServe(":8000", nil)
}

usage:

  1. 运行程序

  2. 注册用户: curl --location --request POST '127.0.0.1:8000/register' \ --header 'Content-Type: application/x-www-form-urlencoded' \ --data-urlencode 'username=admin' \ --data-urlencode 'password=admin123'

  3. 用户登录: curl --location --request POST '127.0.0.1:8000/login' \ --header 'Content-Type: application/x-www-form-urlencoded' \ --data-urlencode 'username=admin' \ --data-urlencode 'password=admin123'

划线
评论
复制
发布于: 2020 年 08 月 26 日阅读数: 53
用户头像

2流程序员

关注

还未添加个人签名 2020.03.18 加入

还未添加个人简介

评论

发布
暂无评论
Copyright © 2021, Geekbang Technology Ltd. All rights reserved. 极客邦控股(北京)有限公司 | 京 ICP 备 16027448 号 - 5京公网安备京公网安备 11010502039052号
用户注册密码保存与校验(golang版)